Intrusion Detection

Intrusion Detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Intrusion Detection can be performed manually or automatically. Manual intrusion detection might take place by examining log files or other evidence, including network traffic, for signs of intrusions. A system that performs automated intrusion detection is called an Intrusion Detection System (IDS). An IDS can be either host-based, if it monitors system calls or logs, or network-based, if it monitors the flow of network packets.

Don’t wait to implement your cyber protection program. An excellent place to begin developing your approach is with the newly published The U.S. Homeland Security Strategies for Defending Industrial Control Systems. See the 7 recommended strategies and learn how digital solutions can help fulfill steps toward a more secure operating environment.

Defensive weak spots are just waiting to be found and exploited by persistent cyber attackers. But with cyber threat analysis, you quickly identify, disrupt and mitigate breaches by uncovering critical insights unseen by traditional defenses.

This guide describes the technical and business impact of SHA-1 migration as it pertains to SSL certificates only. It will outline a recommended migration path to minimise the cost and operational impact of replacing affected SSL certificates.

The study’s findings highlight discrepancies—between IT departments and end users—in the approach and attitudes toward data protection. The results provide compelling evidence that there is vast room for improvement in securing critical data flowing between the corporate enterprise and endpoint devices. Read this paper to find how to protect your data today.

The longer attackers remain in your network, the more lateral movement is possible and the greater the risk for data theft. Stopping the exfiltration of data, rather than focusing on stopping data breaches, is the most realistic approach to data security and reducing cyber dwell time.

Innovative practices lead to innovative results. Using our pillars to build a security program helps businesses develop user visibility and behavioral context. Total awareness — “seeing” the extent of your user behavior — starts with five pillars and ends with unquestioned success.

This white paper published by Frost & Sullivan and Cisco examines the role, capabilities, and advantages of service providers in the DDoS mitigation process, as well as how this role might develop in the future.

When your Internet-facing network comes under DDoS attack, does your entire organization panic – or does everyone know exactly what to do? Read this whitepaper to learn how to protect network assets, websites, and web applications against DDoS attacks and best practices for adding DDoS mitigation to a corporate incident response plan.

The time has come for CEOs and Boards to take personal responsibility for improving their companies’ cyber security. Global payment systems, private customer data, critical control systems, and core intellectual property are all at risk today. As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

This whitepaper focuses on the LogRhythm Security Intelligence Maturity Model, and how it is a valuable guide for building the necessary successive layers of threat detection and response capabilities.
Download this paper now to find out more.

In this webinar, learn how LogRhythm reduces mean time to detect (MTTD) and mean time to respond (MTTR) through machine-driven, real-time behavioral analytics, rapid forensic search and automated response.

Attackers are becoming increasingly skilled at planting malicious code on websites frequented by their desired targets, commonly called "watering hole" attacks. Join us for a live demo showing an example of such an attack, and how to detect it immediately using AlienVault USM.